How to Turn Financial Compliance from Pain into Gain

Many finance professionals see compliance as similar to taking a spoonful of castor oil: they've heard it's good for them but know they don't like the taste.

The reason, I suspect, is that they have a limited view of compliance. They see it as a necessary chore to satisfy demands from auditors, which takes them away from strategic and revenue-generating work.

In fact, compliance doesn't have to be a burdensome checkbox item. As KPMG's Brian Jensen and I discussed in a recent webcast, organizations can reap significant benefits by taking a progressive approach. Particularly with finance applications in the cloud, compliance can add significant value to the business and save money at the same time. The key is to identify and focus on the business value.

The Cost of Noncompliance

ERP systems can help support and enable compliance. Research from the University of Greenwich found that "managers can use an ERP to develop effective internal controls for the most common material weaknesses." When using cloud ERP, a business can harness sophisticated software and computing power to automate controls and enforce compliance, which traditionally has been conducted through inefficient (and often flawed) manual processes.

The costs of bypassing this opportunity could be devastating. In a great example shared during the webcast, Brian discussed what might happen when compliance basics like segregation of duties are not implemented with adequate transparency and enforcement. In 2015, the former controller of a Corsicana, Texas, bakery was convicted of embezzling more than $16 million over nearly a decade. Such sustained fraud could have been prevented had the company’s ERP systems provided automated enforcement of financial controls and real-time alerts to fraudulent activities. What’s more, this represents just the tip of the iceberg. Manual sampling methods typically leave organizations exposed to cash leakage that can be corrected with automated controls. Thus, an ERP system with these capabilities often delivers a tidy ROI.

In the radical transparency approach, organizations embrace increased awareness of risk and publicity, better employee education, and technology that fosters more transparent and collaborative accounting and compliance at every step. Radically transparent organizations proactively seek to improve access to information, data, and records, which delivers value in two key ways:

It demonstrates accountability to stakeholders in the pursuit of their key interests.

Automation Is Key

ERP systems and other risk management tools are critical to achieving radical transparency. Not only do some of these tools use intelligent automation, but they are also more efficient and reliable than manual processes that frequently revolve around error prone spreadsheets.

Human error in information processing makes companies more vulnerable to risks. People make mistakes and, sadly, a small percentage will be bad actors looking to take advantage where they can. Also, companies design compliance measures around roles and business processes that are in place at a given time. As these change, manual controls increasingly fall out of sync with reality, unless those controls are redesigned.

Intelligent automation—software-driven processes that use data science techniques combined with human intelligence—typically deliver faster and more accurate results than automation alone. When used for managing compliance and risk, such software can not only eliminate mundane tasks, it can consistently note exceptions and alert personnel to anomalous transactions or potentially fraudulent activities. Data remains secure in the process and, in a cloud-hosted application, managers can receive information and notifications from the ERP system in a timelier fashion than ever before.

Implementing automated, streamlined controls and assessments across multiple compliance requirements eliminates duplication and enables greater efficiency. Doing so frees up time to focus on further mitigating strategic risks that can reduce shareholder value.

Take the Next Steps toward Radical Transparency

What can companies do to move beyond a checkbox approach to compliance and toward radical transparency? Making the shift, according to IDC, needs a four-part plan:

Set the right tone from the top of the organization. Upper management should reinforce the “long view” to more strategic and sustainable financial controls, even when the company must address some short-term issues first.

Create the right risk insight and culture. Use a systematic approach to emphasize risk awareness and compliance innovation across the organization. With better insight into sources of risk and real-time notifications, executives can delegate with more confidence and allow business process owners to take more responsibility for risk management. The result is a risk-aware culture.

Find your place in the compliance maturity cycle and aim for a step change. Understanding “what excellence looks like” can help organizations make the right investments and nimbly skip to it rather than brute force their way up one level at a time.

Over time, your organization will move toward a type of compliance that isn't a burden and which delivers new levels of stakeholder trust, operational efficiency, risk management, and cost containment.